8e6 Technologies - Network Integration
The R3000 filtering engine filters network
traffic at the IP packet level. This eliminates
any need for proxy settings, and allows the R3000
to operate totally invisibly to the connections
it filters. It "monitors" the packets
flowing through the network, and can "intercept"
the TCP session once inappropriate activity is
detected. The R3000 will either not appear in
the path of the connection, or will appear as
an IP router, depending on the configuration.
Invisible Mode
This is the simplest mode of the R3000.
The unit can invisibly filter all network traffic
that it "sees" on the Ethernet without
being involved in the path between the client
and the Internet. It has the ability to "intercept"
a session when necessary if it determines that a
request is inappropriate, and return a message to
the client and server. Although the original request
packets are transmitted in all cases, the R3000
will return a "block page" to the client
if the request was inappropriate.
This allows the R3000 to be totally uninvolved in the
routing of packets from client to Internet, allowing
for automatic redundancy and automatic fail-safe.
If the R3000 should fail and filtering stops,
the network traffic is unaffected.

The diagram above illustrates how the R3000 is connected
to the managed switching hub. The R3000 port is
configured with the "port monitoring"
function enabled. This allows the port to mirror
the port that is connected to the router.
Router Mode
This mode allows the R3000 to act as
an Ethernet router, passing packets from one card
to the other. As the packets pass through the
R3000, they are filtered. Only outgoing packets
need to be routed, not the return packets, allowing
the R3000 to appear only in the outgoing path
of the network.

In this mode, the original packets from the client
are allowed to pass in all cases, but if the request
is inappropriate, a block page is returned to
the client to replace the actual requested web
page. All packets are allowed to pass just as
if the R3000 were only an Ethernet router.
Firewall Mode
This mode is a modification of Router
Mode. It provides 100% assurance that filtering
will take place regardless of the loading of the
R3000. To accomplish this, all original packets
are "blocked" from routing through if
they belong to a filtered service. The filtering takes
place, and if the request is appropriate, the
original packet is allowed to pass unchanged.
The overall effect is that the outgoing request
is delayed slightly to allow filtering to take
place before it leaves the gateway router of the
network, but return traffic is still unaffected.

In this set-up, a local caching proxy will not
affect the R3000, even if it is unfiltered and
contains cached "bad" pages, since no
request can pass until after it is filtered.
In this set-up, a local caching proxy will affect
the R3000, if the caching proxy contains cached
"bad" pages. It is always recommended
to clear or expire the cached content after the
installation of the R3000.
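
The following model is an added example, not 8e6 code or part of the original page; it compares what happens to one request for a filtered service in each of the three modes as the filter's decision time grows. The function names and timing values are constructed, and two points are assumptions: that in Invisible and Router modes the client keeps whichever response reaches it first, and that Firewall Mode returns a block page as Router Mode does.

```python
from dataclasses import dataclass

@dataclass
class Outcome:
    request_forwarded: bool  # did the original request leave toward the Internet?
    client_sees: str         # "requested page" or "block page"
    latency_ms: int          # time until the client gets that response

def handle_request(mode, inappropriate, filter_delay_ms, server_rtt_ms,
                   filter_up=True):
    """Model one filtered-service request under the given R3000 mode."""
    if mode not in ("invisible", "router", "firewall"):
        raise ValueError(f"unknown mode: {mode}")
    if not filter_up:
        # The page describes unit failure only for Invisible Mode:
        # the unit is out of path, so traffic is unaffected (fail-open).
        if mode != "invisible":
            raise ValueError("failure behaviour is only described for invisible mode")
        return Outcome(True, "requested page", server_rtt_ms)
    if mode == "firewall":
        # The request is held until the verdict, so load only adds delay.
        # ASSUMPTION: a block page is returned, as in Router Mode.
        if inappropriate:
            return Outcome(False, "block page", filter_delay_ms)
        return Outcome(True, "requested page", filter_delay_ms + server_rtt_ms)
    # Invisible and Router modes: the original request always passes.
    # ASSUMPTION: the client keeps whichever response arrives first.
    if inappropriate and filter_delay_ms < server_rtt_ms:
        return Outcome(True, "block page", filter_delay_ms)
    return Outcome(True, "requested page", server_rtt_ms)

def compare_modes(inappropriate, filter_delay_ms, server_rtt_ms):
    """Return {mode: Outcome} for the same request in all three modes."""
    return {m: handle_request(m, inappropriate, filter_delay_ms, server_rtt_ms)
            for m in ("invisible", "router", "firewall")}

if __name__ == "__main__":
    # Constructed timings: a lightly loaded and a heavily loaded filter.
    for delay in (5, 80):
        print(f"filter delay {delay} ms, server RTT 40 ms, inappropriate request")
        for mode, out in compare_modes(True, delay, 40).items():
            print(f"  {mode:9} -> {out}")
```

With the 80 ms filter delay, only Firewall Mode still stops the inappropriate request, which is the "regardless of the loading" property the page attributes to it.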